Prepare Now for Critical Flaw in OpenSSL, Security Experts Warn
Organizations have five days to prepare for what the OpenSSL Project on Oct. 26 described as a "critical" vulnerability in versions 3.0 and above of the nearly ubiquitously used cryptographic...
Raspberry Robin’s Cyber Worm Infects Thousands of Endpoints
The Raspberry Robin cyber-worm operation has infected nearly 3,000 devices in almost 1,000 organizations in the last 30 days, according to Microsoft telemetry — and the threat seems to be...
Google Chrome Pays $57K (and Counting) in Bug Bounties for Latest Update
Google Chrome's rollout of its latest browser update includes 14 individual security fixes — three high-severity — found by independent researchers who earned bug bounty payouts totaling more than $57,000. There is...
BlackBerry Launches Cyber Threat Intelligence Service to Strengthen Cyber Defenses
NEW YORK, Oct. 26, 2022 /PRNewswire/ — Today, at the BlackBerry Security Summit, BlackBerry Limited (NYSE: BB; TSX: BB) announced the release of its new Cyber Threat Intelligence (CTI)...
Cisco Warns AnyConnect VPNs Under Active Cyberattack
A pair of known security vulnerabilities in the Cisco AnyConnect Secure Mobility Client for Windows is being actively exploited in the wild, despite being patched for two-plus years.
The...
Ransomware Gangs Ramp Up Industrial Attacks in US
Ransomware gangs are hitting the industrial sector hard — and especially manufacturing companies, with significant spikes in cyberattack activity against US organizations spotted in the third quarter. Meanwhile, emerging...
Threat Groups Repurpose Banking Trojans into Backdoors
Threat groups continue to recycle code from older tools into more generalized frameworks, a trend that will continue as the codebases incorporate more modularity, security experts said this week.In...
LinkedIn Phishing Spoof Bypasses Google Workspace Security
A phishing email purportedly from LinkedIn with the subject line "We noticed some unusual activity" was discovered targeting users at a travel organization, in an attempt to pilfer their...
Windows Mark of the Web Zero-Days Remain Patchless, Under Exploit
Two separate vulnerabilities exist in different versions of Windows that allow attackers to sneak malicious attachments and files past Microsoft's Mark of the Web (MOTW) security feature.
Attackers are actively...
Stress Is Driving Cybersecurity Professionals to Rethink Roles
The stress and strain of cyberattacks on the staff tasked with protecting businesses is driving droves of desperately needed security practitioners to rethink their roles.New research from Mimecast reveals...
